Add support for SHA256 verification, and use it first
authorSteve McIntyre <steve@einval.com>
Thu, 31 Oct 2019 23:31:04 +0000 (23:31 +0000)
committerSteve McIntyre <steve@einval.com>
Fri, 1 Nov 2019 10:02:36 +0000 (10:02 +0000)
commit93c2b3b87239842df601941b98733da19d0ef349
tree58a8998d9d4b33339244958004f141d3d1a65261
parentf50a70159621ad09a98121ede519d59611eb9505
Add support for SHA256 verification, and use it first

If not available, fall back to MD5. If that succeeds, say so but warn
that it's not considered secure.

Simplified the new code - back to single verifyImage() method which
knows about both checksum types.

Old code used to assume that the last entry in the template chain was
an ImageInfo, so would just use .back() to read that. Now we run
through the chain twice, first for SHA256 and then for MD5. That will
be slower, but the difference will be lost in the noise compared to
the cost of actually checksumming the image.
src/jigdo-file-cmd.cc
src/jigdo-file-cmd.hh
src/jigdo-file.cc
src/mkimage.cc